According to PCrisk, Rhadamanthys is a stealer-type malware, and as its name implies - it is designed to extract data from infected machines.
At the time of writing, this malware is spread through malicious websites mirroring those of genuine software such as AnyDesk, Zoom, Notepad++, and others. Rhadamanthys is downloaded alongside the real program, thus diminishing immediate user suspicion. These sites were promoted through Google ads, which superseded the legitimate search results on the Google search engine.
|2023-01-16 ⋅ Medium elis531989 ⋅ |
Dancing With Shellcodes: Analyzing Rhadamanthys Stealer
|2023-01-12 ⋅ Cybleinc ⋅ |
Rhadamanthys: New Stealer Spreading Through Google Ads
|2022-01-03 ⋅ Malware Traffic Analysis ⋅ |
2023-01-03 (TUESDAY) - GOOGLE AD --> FAKE NOTPAD++ PAGE --> RHADAMANTHYS STEALER
There is no Yara-Signature yet.